Sunday, February 24, 2013

Coinbase: Swapping Bitcoin Privacy for Banking Convenience

By Jon Matonis
Tuesday, February 19, 2013

I've always had this nagging feeling about Coinbase’s exchange service and I just couldn't quite put my finger on it.

The San Francisco startup receives praise for its simple method of acquiring and selling bitcoins, a digital currency, via one’s U.S. bank account. In fact, Coinbase, founded in June 2012, is now selling over $1 million worth of bitcoins per month. The firm apparently ran out of inventory last week.

Then, it hit me. This is just like buying bitcoins from your bank – or from the Internal Revenue Service. If a bank offered a bitcoin purchasing option from its website, it would look like Coinbase. If Coinbase cut them in on the commission, it could probably white-label the service directly to banks.

Nothing wrong with that, but it means Coinbase fails to leverage the unique financial privacy aspects of the Bitcoin network. I do not fault founder and CEO Brian Armstrong, because he’s launched a much-needed Bitcoin service at a critical point in the digital money's evolution. Here's the rub: to address the fraud and compliance issues around the irreversible sale of a privacy product, Coinbase has simply removed the privacy.

Currently, Coinbase provides its exchange service in the U.S. only and it offers two methods for linking a bank account, “instant account verification” and “challenge deposit verification.” For those who are uncomfortable providing their private online banking usernames and passwords to Coinbase, the alternate method offers a typical challenge deposit process similar to linking a bank account to PayPal. (In challenge verification, a company makes two small deposits to the user’s account, and the user proves she is the accountholder by entering those amounts into the company’s site.) Coinbase does not allow for other less-intrusive payment methods, such as a cash deposit at a bank branch, via an intermediary like TrustCash, or cash bill payment at a retail location, through a network like ZipZap.

(Coinbase also signs up merchants to accept bitcoin and landed Reddit as a client last week.)

Coinbase is not licensed as a money transmitter in any state, nor is it registered as a money services business with the U.S. Treasury’s Financial Crimes Enforcement Network. I applaud the company for dispensing with these formalities because, since it is only selling a cryptographic token and not a financial instrument, such registration and licensure is not legally required.

The company says it has an anti-money laundering program, but it was not listed on their web site, and again, it is not a legal requirement for this business. Besides, the majority of what constitutes an AML program is already covered via Coinbase's strong relationship to the user's financial institution, with one of the exceptions being the identification of aggregated transactions from multiple bank accounts. But even this would be easy enough for Coinbase to determine based on the additional user data collected.

According to its privacy policy, Coinbase collects data about visitors to the site sent by their computer or mobile phone (e.g. IP addresses) and device information including but not limited to identifier, name and type, operating system, location, mobile network information and standard web log information. Those who sign up for the service may have to provide their name, address, phone number, email address, and bank or credit card numbers. Before using the service, customers may further have to give a Social Security number or birthdate, and they are subject to credit checks or identity verification by third parties.

Furthermore, there is no indication that Coinbase deletes the internal bitcoin wallet transfer logs or the associated bitcoin address logs. With more observable data points, the privacy of all bitcoin transactions can become cumulatively degraded.

By criticizing the collection of personal information for the purchase of bitcoin, a harmless cryptography product, I am not simply "letting the perfect being the enemy of the good." Caution is strongly advised when dealing with Coinbase. The potential exists for enhanced surveillance and network traffic analysis enabled by the supreme identity management that comes built-in with Coinbase. For instance, it would not be advisable to play Bitcoin casino games or poker with Coinbase-acquired bitcoins that weren't properly "mixed."

Of course, not everyone requires privacy in their transactions, so Coinbase may suit some users’ purposes just fine. However, Satoshi Nakamoto, the pseudonymous creator of Bitcoin, didn't sit down and code the decentralized protocol because he was upset about banking efficiency and trusted third parties. He wrote Bitcoin as a value transfer system that could survive hostile attacks.

When Armstrong says, "our goal is to make [B]itcoin easier to use, and (longer term) to help bring fast, cheap, international payments to the whole world" and "Bitcoin represents a fundamental leap forward in payment technology and it’s going to bring massive efficiencies to many areas of commerce," he's playing only to the low-fee, frictionless attributes of Bitcoin. He doesn't mean that Coinbase's goal is to facilitate payments for the anonymous and safe purchase of WordPress features in authoritarian countries or to bypass a politically-motivated blockade against WikiLeaks.

When it comes to the financial privacy and censorship-resistant payment attributes of Bitcoin, Coinbase falls short, and that, I think, is likely to impede the startup’s growth. The firm seems not to care. Its privacy policy states, "We may share your personal information with law enforcement, government officials, or other third parties when we are compelled to do so by a subpoena, court order or similar legal procedure."

When that time comes, you better believe that Coinbase will have a lot to share.


  1. TIL that sharing my bank details in order to use ACH to buy or sell Bitcoins gives away my identity to the party I am buying or selling bitcoins from, and that they may tell on me in order to remain in the business of buying and selling bitcoins via ACH should LEA or IRS ever come to ask about it.

    Boy, I'm glad somebody pointed that out or I might have caught my dick in a ceiling fan again. 8I

  2. Actually, Satoshi wrote bitcoin for exactly the reasons—banking efficiency, and trusted third parties—that you said he did not.

    Go read the original bitcoin article:

    The first paragraph motivates bitcoin as a solution to banking efficiency, by avoiding trusted third parties:

    "Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for nonreversible services. With the possibility of reversal, the need for trust spreads. Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party."

  3. Of course, that is an auxiliary benefit of a distributed trust model. No one is denying that; however, a centralized scheme would be a far more efficient model if the motivation was only about fees and chargebacks. Indeed, Chaum's protocol had low fees and irreversibility features, but it was centralized at a 'verification' mint.

    The decentralization theme is where the advance lies with Satoshi's bitcoin protocol, because centralized systems are inherently prone to attack. The major difference between Bitcoin and digital cash protocols from the 1990s is the distribution of the transaction ledger which has the potential to ensure node privacy and user privacy for the purpose of survivability.

  4. Wow, pot calling the kettle black here or what?

    You're some sort of spokesperson for TBTF (the bitcoin foundation) and you're accusing someone else of overcentralizing bitcoin?

    Got my laughs for the day.

  5. I don't remember accusing anyone of over-centralizing bitcoin. That's not what Coinbase does and their merchant-facing business is exemplary. I just think it feels like buying weed from the DEA.

    Actually, the Bitcoin Foundation or a similar nonprofit adds transparency and openness to Bitcoin, because without transparent developer compensation the open source 'volunteers' could be nefariously co-opted by governments or large mining pools.

  6. > because without transparent developer
    > compensation the open source 'volunteers'
    > could be nefariously co-opted by governments
    > or large mining pools.

    This fails the giggle test. Columbia University
    professor Fred Mishkin is paid a huge salary for
    his teaching and he was still bribed into
    committing academic fraud by the banking
    establishment; just watch the movie _Inside Job_
    to see how.

    1. I can understand the sentiment, but that film misses the root cause. So what if he was bribed? So what if banks paid a ton of money for an undisclosed commission? If these entities were no different than any other private entity, what difference would it make?

      So you point out to the collusion, the fascist nature of the banking system. Ok, yes.. and where do they get their power from? The state.

      You know the problem isn't even with the existence of the Fed itself, it's the monopoly power given to it by.. you guessed it, the state. Take away legal tender laws (and all other restrictions) and the Fed and their client banks becomes powerless. It wouldn't matter how many academics you bribe, for they would have no influence on shaping policy, since there would be no policy to begin with!

    2. Excellent points, npcomplete!

  7. > the open source 'volunteers' could be nefariously co-opted by governments or large mining pools.

    Ah, right, so instead the developers can be co-opted by MtGox, who provide 95% of The bitcoin fundation's budget.

    Of course.

    1. That's better because it's open for all to see and scrutinize.
      Now take your paranoid delusions to

  8. All the critics so far have just attacked strawmen and have said nothing against the merits of this article on the privacy risks involves in these types of services.

    I appreciate that there are some people pointing out risks that are subtle or not so apparent, something that can get overlooked when considering coinbase and similar service's good utility.

    There are also relatively few high level people who are as vocally anti-statist like Jon here. It isn't necessarily the centralization that's the issue; it's how such services make vulnerable your privacy to state force!

  9. The way the government will eventually attack bitcoin is to go after people for not maintaining full records and paying taxes. It is that simple.

    The response will be "There is nothing illegal about using bitcoin and no laws are passed, but you John Doe did not keep records and pay your taxes as an honest citizen, thus you are going to jail".

    I plan on making a ton of money on bitcoin, and I would like to be able to use that money at some point by bringing some of it back into the system, which eventually everyone has to do at some point. There is no point in dying and being buried with your offline paper wallet.

    To do this I have to keep records and pay the IRS in an honest way. There is no way out of that. If later the IRS defines rules on how to account for various transactions that slightly change the tax owed, as long as I made a good faith effort there is nothing the government can do and I can profit off of my BTC investments.

    So why would anyone have a problem with coinbase? They actually make this easier by keeping records. Everyone will have to be tax compliant at some point, might as well get on board.

    The whole bitcoin project is not about hiding money, but to create an honest system where the evil bankers can't just print themselves money whenever they want.

  10. CAUTION: Coinbase is not trustworthy! Don't give them your banking or credit card information.


Note: Only a member of this blog may post a comment.